How do you retrieve the displayName of an App Role via Graph?

Andrew T 20 Reputation points
2024-04-17T17:41:57.8433333+00:00

I need to retrieve the display name of an App Role assigned to a user via the Microsoft Graph API. I see the resource type appRole, but there doesn't seem to be a way to retrieve it: https://learn.microsoft.com/en-us/graph/api/resources/approle?view=graph-rest-1.0

Currently I am retrieving a user's appRoleAssignments, which does not return the App Role display name, which is what I need. Ultimately, my goal is that for a given user, I want a list of App Role display names.

Alternatively, instead of the display name, the App Role value would also suffice.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,612 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,514 questions
0 comments
Accepted answer
  1. Vasil Michev 95,581 Reputation points MVP
    2024-04-18T07:10:45.42+00:00

    You have to query the application/service principal object itself to get that info (resourceId value if starting from the AppRoleAssignments endpoint). For example, the below query will give you the list of AppRoles defined on a given service principal, including their displayName

    GET https://graph.microsoft.com/v1.0/servicePrincipals/837cf7bc-bc22-42eb-8c3f-375a6372563f?$select=appRoles

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest